Various user productivity applications allow for data entry and analysis of user content. These applications can provide for content creation, editing, and analysis using spreadsheets, presentations, text documents, mixed-media documents, messaging formats, or other user content formats. Among this user content, various textual, alphanumeric, or other character-based information might include sensitive data that users or organizations might not want to include in published or distributed works. For example, a spreadsheet might include social security numbers (SSNs), credit card information, health care identifiers, or other information. Although the user entering this data or user content might have authorization to view the sensitive data, other entities or distribution endpoints might not have such authorization.
Information protection and management techniques can be referred to as data loss protection (DLP) that attempts to avoid misappropriation and misallocation of this sensitive data. In certain content formats or content types, such as those included in spreadsheets, slide-based presentations, and graphical diagramming applications, user content might be included in various cells, objects, or other structured or semi-structured data entities. Moreover, sensitive data might be split among more than one data entity. Difficulties can arise when attempting to identify and protect against sensitive data loss when such documents include sensitive data.
Overview
Systems, methods, and software for data obfuscation frameworks for user applications are provided herein. An exemplary method includes providing user content to a classification service configured to process the user content to classify portions of the user content as comprising sensitive content, and receiving from the classification service indications of the user content that contains the sensitive content. The method includes presenting graphical indications in a user interface to the user application that annotate the user content as containing the sensitive content, and presenting obfuscation options in the user interface for masking the sensitive content within at least a selected portion among the user content. Responsive to a user selection of at least one of the obfuscation options, the method includes replacing associated user content with obfuscated content that maintains a data scheme of the associated user content.
This Overview is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. It may be understood that this Overview is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.